package zhcms.admin;

import java.util.ArrayList;
import java.util.HashMap;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import zhcms.db.DbConn;
import zhcms.framework.Action;
import zhcms.framework.ActionForward;

public class GyTemplateTag implements Action  {
	public GyTemplateTag()
	{
		
	}
	
	@Override
	public ActionForward excute(HttpServletRequest request,
			HttpServletResponse response) {
		return null;
	}

	public ArrayList<HashMap<String, String>> getAllList()
	{
		String sql="select id,name from `gyhy_province` order by id asc";
		return DbConn.executeQuery(sql);
	}
	
	public ArrayList<HashMap<String, String>> getOneList(int postid)
	{
		String sql="select * from `gyhy_province` where id='"+postid+"'";
		return DbConn.executeQuery(sql);
	}
	
	public ArrayList<HashMap<String, String>> getOneList(String postid)
	{
		String sql="select * from `gyhy_province` where id='"+postid+"'";
		return DbConn.executeQuery(sql);
	}

	public static String TransactSQLInjection(String str)
	{
	    return str.replaceAll(".*([';]+|(--)+).*", " ");
	}

}
